[tex-live] TeXLive2007: Bug in (Xe)TeX for 64bit and big endianess

[Dr. Werner Fink]

On Wed, May 09, 2007 at 11:33:55AM +0200, Hans Hagen wrote:
> since pdftex is rather monolithic, updating a statically bound pdftex is 
> also an option; xpdf bugs are fixed in the repos and so pdftex has the 
> fixes; since tex users need to update pdftex regularly anyway (because 
> of other fixes) this no big burden on the user.

Updates within an old distribution are nogoes for distributors. This
because you can not destroy certifications and tested states of an
existing product by getting unkown side effects with new binaries
in an existing package.  The way to go is to fix the security issue
and provide an update with a binary patch on the existing package.
Our QA would never accept a full update to an new version of texlive
on an old product line without a real BETA testing session.

Please remember this is not due I do not wanted to do (in fact it
would make life much easier) its simply the experience of the
distributors not to change the version of an packages within an
old product.  The experience is that such an update cause more
problems than it fix.  No customer/user accept that e.g. his TeX
files does not compile after a security update on the same product ...


      Werner

-- 
  "Having a smoking section in a restaurant is like having
          a peeing section in a swimming pool." -- Edward Burr